Attacks, Regs Driving Security Spending

Reflecting growing cyber security threats, global spending on information security products is expected to rise by 7 percent this year, according to a new forecast.

Gartner Inc. pegs the global market for information security products and services at $86.4 billion this year, predicting it will rise in parallel with cyber threats to an estimated $93 billion in 2018. Among the biggest gainers are the security testing market, although the researcher notes that it is expanding from a relatively small base.

Demand is being driven by evolving security threats as well as pending data governance regulations, Gartner noted. As a result, spending on emerging security-testing tools is seen as fueling growth in the infrastructure security market through at 2021.

As information security works its way deeper into enterprises,

Gartner (NYSE: IT) notes that application testing is becoming a standard process for DevOps teams seeking to "bake" security into applications and infrastructure deployments. Much attention has focused on securing emerging micro-services that are delivering more distributed applications to mobile workers.

Among the services fueling security spending are interactive application security testing tools, a means of stress testing web or other applications before they enter production.

Nevertheless, Gartner reckons security services, including IT outsourcing and other implementation services, are expected to take a substantial bite out of the traditional hardware-based support market. That reflects the trend toward software-defined infrastructure ranging from public cloud, security-as-a-service offerings and virtual appliances.

A seemingly unending string of high-profile malware, ransomware and other cyber attacks has removed any remaining complacency about the need for enterprise IT security, the market researcher noted. Indeed, the steady shift to public clouds is raising greater security concerns: Cyber specialists noted that Microsoft (NASDAQ: MSFT) recently reported the frequency and sophistication of attacks on cloud users is accelerating, increasing at an alarming 300-percent rate over the past year, according to company's security unit.

"Rising awareness among CEOs and boards of directors about the business impact of security incidents and an evolving regulatory landscape have led to continued spending on security products and services," noted Gartner principle research analyst Sid Deshpande.

"As seen in the recent spate of global security incidents, doing the basics right has never been more important. Organizations can improve their security posture significantly just by addressing basic security and risk related hygiene elements like threat centric vulnerability management, centralized log management, internal network segmentation, backups and system hardening," Deshpande added.

The other wild card expected to drive security spending are new data governance rules such as the European Union's General Data Protection Regulation expected to enter force later this year. The new data regulations are expected to drive 65 percent of purchases for data loss prevention through 2018, Gartner forecasts.

All this translates into increased spending on "managed" security services, with security bundled into broader IT outsourcing services, a trend that is expected to double to by 2020, the market researcher said.

Cyber investors agree: Private equity firm Warburg Pincus said Monday (Aug. 21) it has invested in pure-play "managed detection and response services provider eSentire Inc. of Cambridge, Ontario. The investor wrote a "nine-figure check," according to a source requesting anonymity

Related

George Leopold has written about science and technology for more than 30 years, focusing on electronics and aerospace technology. He previously served as executive editor of Electronic Engineering Times. Leopold is the author of "Calculated Risk: The Supersonic Life and Times of Gus Grissom" (Purdue University Press, 2016).